class StytchB2B::Passwords
def migrate(
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +Organization+ (+object+).
The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
organization::
The type of this field is +Member+ (+object+).
The [Member object](https://stytch.com/docs/b2b/api/member-object)
member::
The type of this field is +Boolean+.
A flag indicating `true` if a new Member object was created and `false` if the Member object already existed.
member_created::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member.
member_id::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is nilable +Boolean+.
authentication factors with the affected SSO connection IDs will be revoked.
by SSO connection or SSO group. Defaults to `false` - that is, existing Member Sessions that contain SSO
Whether to preserve existing sessions when explicit Roles that are revoked are also implicitly assigned
preserve_existing_sessions::
The type of this field is nilable list of +String+.
`preserve_existing_sessions` parameter with a value of `true`.
authentication factors with the affected connection ID. You can preserve these sessions by passing in the
or an SSO group, we will by default revoke any existing sessions for the Member that contain any SSO
If a Role is removed from a Member, and the Member is also implicitly assigned this Role from an SSO connection
[RBAC guide](https://stytch.com/docs/b2b/guides/rbac/role-assignment) for more information about role assignment.
Will completely replace any existing explicitly assigned roles. See the
Roles to explicitly assign to this Member.
roles::
The type of this field is nilable +object+.
for complete field behavior details.
frontend SDK, and should not be used to store critical information. See the [Metadata resource](https://stytch.com/docs/b2b/api/metadata)
An arbitrary JSON object of application-specific data. These fields can be edited directly by the
untrusted_metadata::
The type of this field is nilable +object+.
An arbitrary JSON object for storing application-specific data or identity-provider-specific data.
trusted_metadata::
The type of this field is nilable +String+.
The name of the Member. Each field in the name object is optional.
name::
The type of this field is nilable +PBKDF2Config+ (+object+).
Required additional parameters for PBKDF2 hash keys. Note that we use the SHA-256 by default, please contact [support@stytch.com](mailto:support@stytch.com) if you use another hashing function.
pbkdf_2_config::
The type of this field is nilable +ScryptConfig+ (+object+).
Required parameters if the scrypt is not provided in a **PHC encoded form**.
scrypt_config::
The type of this field is nilable +SHA1Config+ (+object+).
Optional parameters for SHA-1 hash types.
sha_1_config::
The type of this field is nilable +Argon2Config+ (+object+).
Required parameters if the argon2 hex form, as opposed to the encoded form, is supplied.
argon_2_config::
The type of this field is nilable +MD5Config+ (+object+).
Optional parameters for MD-5 hash types.
md_5_config::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
organization_id::
The type of this field is +MigrateRequestHashType+ (string enum).
The password hash used. Currently `bcrypt`, `scrypt`, `argon2i`, `argon2id`, `md_5`, `sha_1`, and `pbkdf_2` are supported.
hash_type::
The type of this field is +String+.
The password hash. For a Scrypt or PBKDF2 hash, the hash needs to be a base64 encoded string.
hash::
The type of this field is +String+.
The email address of the Member.
email_address::
== Parameters:
Adds an existing password to a member's email that doesn't have a password yet. We support migrating members from passwords stored with bcrypt, scrypt, argon2, MD-5, SHA-1, and PBKDF2. This endpoint has a rate limit of 100 requests per second.
def migrate( email_address:, hash:, hash_type:, organization_id:, md_5_config: nil, argon_2_config: nil, sha_1_config: nil, scrypt_config: nil, pbkdf_2_config: nil, name: nil, trusted_metadata: nil, untrusted_metadata: nil, roles: nil, preserve_existing_sessions: nil ) headers = {} request = { email_address: email_address, hash: hash, hash_type: hash_type, organization_id: organization_id } request[:md_5_config] = md_5_config unless md_5_config.nil? request[:argon_2_config] = argon_2_config unless argon_2_config.nil? request[:sha_1_config] = sha_1_config unless sha_1_config.nil? request[:scrypt_config] = scrypt_config unless scrypt_config.nil? request[:pbkdf_2_config] = pbkdf_2_config unless pbkdf_2_config.nil? request[:name] = name unless name.nil? request[:trusted_metadata] = trusted_metadata unless trusted_metadata.nil? request[:untrusted_metadata] = untrusted_metadata unless untrusted_metadata.nil? request[:roles] = roles unless roles.nil? request[:preserve_existing_sessions] = preserve_existing_sessions unless preserve_existing_sessions.nil? post_request('/v1/b2b/passwords/migrate', request, headers) end